Critical vulnerabilities in Revslider component for WordPress

Revslider (revolution slider) is a component included by defect in many themes and WordPress templates. Unfortunately, in present days, many vulnerabilities have been found, and some of them are very dangerous.

2014 November 26th

A vulnerability which allows to upload and execute a shell in any site, without previus authentication, was discovered.
Flagged as CRITICAL.

2015 March 30th

A vulnerability which allows to download any file from a server, among these, the configuration file where the access to the data base credentials are found, was discovered.

2015 May 8th

A new vulnerability which allows to upload any file to a server with WordPress (a shell, a phishing site or a script to send spam, for exemple) and execute it without the need of users and passwords, was found.

Flagged as CRITICAL

The danger of these vulnerabilities has made us create an important update in the Pyxsoft anti malware engine.

From version 1.5.7 onwards, it will not be posible to upload any type of file to the WordPress interface without previously logging-in as an authenticated user.

The attemps of making non authorized uploads will be blocked and listed in the Pyxsoft administration screen as follow:

WordPress x.x.x non authenticated upload attempt.

With this new protection layer, the vulnerabilities in revslider and in any future components which by error allow the unauthorized upload of files, will be neutralized.

Our clients can be sure that from version 1.5.7 onwards , their servers will not be vulnerated using this method.

Since the publication of this new version, more than 200.000 attemps to vulnerate sites with WordPress have been blocked, in only 2 days.